Mark Zuckerberg’s Facebook page was hacked on Monday by a Palestinian hacker who wanted to highlight a flaw in Facebook’s security system.
Using a vulnerability he discovered while investigating the social network Khalil Shreateh hacked the account because he was being ignored by FB workers.
Facebook’s White Hat program offers monetary rewards for reporting vulnerabilities in its system but Shreateh says FB ignored his messages.
While Facebook was quick to fix the issue the social network says it will not pay Khalil for his discovery.
The social network said his discovery was “not a bug” when he first emailed the FB team. Mr. Shreateh then decided to prove it was a bug by posting to Mark Zuckerberg’s page.
Posted in Arabic the security experts message on Zuckerberg’s page reads:
“Sorry for breaking your privacy and post to your wall.”
The hacker also posted that he had “no choice” but to hack the account since his original message was met with the “not a bug” response.
Following the hack Facebook security team engineer Matt Jones admitted that the original email was worthy of a follow-up. However, Jones says the way Shreateh reported the bug was not part of the site’s “responsible disclosure policy”.
Facebook does not pay out for bugs that are highlighted by “using the accounts of real people without their permission.”
Do you think the Facebook hacker deserves a payout for exploiting the security bug.
0 Comments